CVE-2025-23024

Sažetak

GLPI is a free asset and IT management software package. Starting in version 0.72 and prior to version 10.0.18, an anonymous user can disable all the active plugins. Version 10.0.18 contains a patch. As a workaround, one may delete the `install/update.php` file.

Reference

https://github.com/glpi-project/glpi/releases/tag/10.0.18
https://github.com/glpi-project/glpi/security/advisories/GHSA-885x-hvp2-85q8

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

25-02-2025 - 16:15

Objavljeno

25-02-2025 - 16:15